Amazon Web Services: CloudFormation AutoScalingGroup "LoadBalancer attachment did not stabilize"


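So, I'm using ECS (created via ecs-cli) and CloudFormation, and I'm having a problem creating an Auto Scaling group:

It keeps failing, saying "LoadBalancer attachment did not stabilize". Does anyone know what could cause this?

I have two CloudFormation stacks: a main one that sets up most of my infrastructure, and another (the one that is failing) for a second ECS cluster. I'm passing input parameters from the outputs of the first/main stack.

I thought it might be an issue with the subnet size (the subnets are created in the first stack and passed to the second, i.e. 10.0.0.0/24 and 10.0.1.0/24), so I tried creating two new subnets in the second CloudFormation template and using those, but the result was the same error.

The same Auto Scaling group and ELB are being created between the two template files.

First stack: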

"InternetGateway": {
        "Condition": "CreateVpcResources",
        "Type": "AWS::EC2::InternetGateway"
    },
    "AttachGateway": {
        "Condition": "CreateVpcResources",
        "Type": "AWS::EC2::VPCGatewayAttachment",
        "Properties": {
            "VpcId": {
                "Ref": "Vpc"
            },
            "InternetGatewayId": {
                "Ref": "InternetGateway"
            }
        }
    },
    "RouteViaIgw": {
        "Condition": "CreateVpcResources",
        "Type": "AWS::EC2::RouteTable",
        "Properties": {
            "VpcId": {
                "Ref": "Vpc"
            }
        }
    },
    "PublicRouteViaIgw": {
        "Condition": "CreateVpcResources",
        "DependsOn": "AttachGateway",
        "Type": "AWS::EC2::Route",
        "Properties": {
            "RouteTableId": {
                "Ref": "RouteViaIgw"
            },
            "DestinationCidrBlock": "0.0.0.0/0",
            "GatewayId": {
                "Ref": "InternetGateway"
            }
        }
    },
    "PubSubnet1RouteTableAssociation": {
        "Condition": "CreateVpcResources",
        "Type": "AWS::EC2::SubnetRouteTableAssociation",
        "Properties": {
            "SubnetId": {
                "Ref": "PubSubnetAz1"
            },
            "RouteTableId": {
                "Ref": "RouteViaIgw"
            }
        }
    },
    "PubSubnet2RouteTableAssociation": {
        "Condition": "CreateVpcResources",
        "Type": "AWS::EC2::SubnetRouteTableAssociation",
        "Properties": {
            "SubnetId": {
                "Ref": "PubSubnetAz2"
            },
            "RouteTableId": {
                "Ref": "RouteViaIgw"
            }
        }
    },
"Outputs": {
    "VpcId": {
        "Value": { "Ref": "Vpc" }
    },
    "KeyName": {
        "Value": { "Ref": "KeyName" }
    },
    "SourceCidr": {
        "Value": { "Ref": "SourceCidr"}
    },
    "EcsInstancePolicy": {
        "Value": { "Ref": "EcsInstancePolicy" }
    },
    "SubnetIds": {
        "Value": { 
            "Fn::Join": [
                ",", [{
                        "Ref": "PubSubnetAz1"
                    },
                    {
                        "Ref": "PubSubnetAz2"
                    }
                ]
            ]
        }
    },
    "CloudSecurityGroup": {
        "Value": { "Ref": "EcsSecurityGroup" }
    },
    "GatewayRouteTable": {
        "Value": { "Ref": "PublicRouteViaIgw" }
    }
}
Second stack:

"Parameters": {
    "EcsAmiId": {
        "Type": "String",
        "Description": "ECS EC2 AMI id",
        "Default": ""
    },
    "EcsInstanceType": {
        "Type": "String",
        "Description": "ECS EC2 instance type",
        "ConstraintDescription": "must be a valid EC2 instance type."
    },
    "KeyName": {
        "Type": "AWS::EC2::KeyPair::KeyName",
        "Description": "Required - Name of an existing EC2 KeyPair to enable SSH access to the ECS instances"
    },
    "VpcId": {
        "Type": "String",
        "Description": "Required - VPC Id of existing VPC of Central stack.",
        "AllowedPattern": "^(?:vpc-[0-9a-f]{8}|)$",
        "ConstraintDescription": "VPC Id must begin with 'vpc-'"
    },
    "SubnetIds": {
        "Type": "String",
        "Description": "Required - Comma separated list of two (2) existing VPC Subnet Ids where ECS instances will run."
    },
    "AsgMaxSize": {
        "Type": "Number",
        "Description": "Maximum size and initial Desired Capacity of ECS Auto Scaling Group",
        "Default": "1"
    },
    "SourceCidr": {
        "Type": "String",
        "Description": "Required - Input CIDR/IP range to open up for ECS and Aurora"
    },
    "EcsInstancePolicy": {
        "Type": "String",
        "Description": "Required - IAM Policy for the ECS instances to use"
    },
    "EcsCluster": {
        "Type": "String",
        "Description": "ECS Cluster Name",
        "Default": "default"
    },
    "CloudSecurityGroup": {
        "Type": "String",
        "Description": "Name of the security group used by the ECS instances in the Cloud cluster"
    }
},
"Resources": {
    "EcsSecurityGroup": {
        "Type": "AWS::EC2::SecurityGroup",
        "Properties": {
            "GroupDescription": "ECS Allowed Ports",
            "VpcId": { "Ref": "VpcId" },
            "SecurityGroupIngress": [
                {
                    "IpProtocol": "tcp",
                    "FromPort": 22,
                    "ToPort": 22,
                    "SourceSecurityGroupId": { "Ref": "CloudSecurityGroup" }
                },
                {
                    "IpProtocol": "tcp",
                    "FromPort": 11000,
                    "ToPort": 11001,
                    "SourceSecurityGroupId": { "Ref": "CloudSecurityGroup" }
                },
                {
                    "IpProtocol": "tcp",
                    "FromPort": 22,
                    "ToPort": 22,
                    "CidrIp": { "Ref": "SourceCidr" }
                },
                {
                    "IpProtocol": "tcp",
                    "FromPort": 11000,
                    "ToPort": 11001,
                    "CidrIp": { "Ref": "SourceCidr" }
                }
            ]
        }
    },
    "EcsSecurityGroupIngressSelf": {
        "Type": "AWS::EC2::SecurityGroupIngress",
        "Properties": {
            "GroupId": { "Ref": "EcsSecurityGroup" },
            "SourceSecurityGroupId": { "Ref": "EcsSecurityGroup" },
            "IpProtocol": "tcp",
            "FromPort": 22,
            "ToPort": 9999
        }
    },
    "ElasticLoadBalancer": {
        "Type": "AWS::ElasticLoadBalancing::LoadBalancer",
        "Properties": {
            "Subnets": {
                "Fn::Split": [
                    ",",
                    { "Ref": "SubnetIds" }
                ]
            },
            "CrossZone": "true",
            "SecurityGroups": [{
                "Ref": "EcsSecurityGroup"
            }],
            "Listeners": [{
                    "LoadBalancerPort": "22",
                    "InstancePort": "22",
                    "Protocol": "TCP"
                },
                {
                    "LoadBalancerPort": "11000",
                    "InstancePort": "11000",
                    "Protocol": "TCP"
                },
                {
                    "LoadBalancerPort": "11001",
                    "InstancePort": "11001",
                    "Protocol": "TCP"
                }
            ],
            "HealthCheck": {
                "HealthyThreshold": "2",
                "Interval": "30",
                "Target": "TCP:22",
                "Timeout": "5",
                "UnhealthyThreshold": "5"
            }
        }
    },
    "EcsInstanceProfile": {
        "Type": "AWS::IAM::InstanceProfile",
        "Properties": {
            "Path": "/",
            "Roles": [{
                "Ref": "EcsInstancePolicy"
            }]
        }
    },
    "EcsInstanceLc": {
        "Type": "AWS::AutoScaling::LaunchConfiguration",
        "Properties": {
            "ImageId": {
                "Ref": "EcsAmiId"
            },
            "InstanceType": {
                "Ref": "EcsInstanceType"
            },
            "AssociatePublicIpAddress": true,
            "IamInstanceProfile": {
                "Ref": "EcsInstanceProfile"
            },
            "KeyName": {
                "Ref": "KeyName"
            },
            "SecurityGroups": [{
                "Ref": "EcsSecurityGroup"
            }],
            "UserData": {
                "Fn::Base64": {
                    "Fn::Join": [
                        "", [
                            "#!/bin/bash\n",
                            "echo ECS_CLUSTER=",
                            {
                                "Ref": "EcsCluster"
                            },
                            " >> /etc/ecs/ecs.config\n"
                        ]
                    ]
                }
            }
        }
    },
    "EcsInstanceAsg": {
        "Type": "AWS::AutoScaling::AutoScalingGroup",
        "Properties": {
            "VPCZoneIdentifier": [{ "Ref": "SubnetIds" }],
            "LaunchConfigurationName": {
                "Ref": "EcsInstanceLc"
            },
            "MinSize": "1",
            "MaxSize": {
                "Ref": "AsgMaxSize"
            },
            "DesiredCapacity": {
                "Ref": "AsgMaxSize"
            },
            "LoadBalancerNames": [{ "Ref": "ElasticLoadBalancer" }],
            "Tags": [{
                "Key": "Name",
                "Value": {
                    "Fn::Join": [
                        "", [
                            "ECS Instance - ",
                            {
                                "Ref": "AWS::StackName"
                            }
                        ]
                    ]
                },
                "PropagateAtLaunch": "true"
            }]
        }
    },

Please let me know if any additional information would be helpful.


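From the screenshot, it looks like the CloudFormation stack and the EcsInstanceAsg Auto Scaling group were created previously, and you are trying to update the Auto Scaling group to reference a newly created load balancer.

The most common cause of CloudFormation resources failing to stabilize on update is that the referenced resources were modified and/or deleted outside of the CloudFormation stack. This leaves CloudFormation trying to modify resources it can no longer find, which can cause random errors or timeouts, so doing this is discouraged. If this is the case, the best approach is to start over, with a completely new stack if possible.

If this is not the case for you, there may be an unknown limitation or issue with in-place updates of the property in AWS::AutoScaling::AutoScalingGroup (only in-place updates of this property are supported, so there may still be issues). Try recreating your Auto Scaling group (changing the name of the EcsInstanceAsg resource in the template will cause the group to be recreated) and see if that fixes the problem.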

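I got it working. The solution was one (or both) of the following two changes I made:

  • I realized I was not specifying the VPC for ecs-cli to launch the cluster in the existing VPC. I changed my code to include the "--vpc" and "--subnets" options in the "ecs-cli up" call. This was probably the kicker, because

  • I removed the square brackets around the "VPCZoneIdentifier" parameter of the AutoScalingGroup, so it now looks like this:
    "VPCZoneIdentifier": { "Ref": "SubnetIds" }
    where SubnetIds is a string consisting of the two subnet IDs with a comma between them. (Note, as of February 7, 2017: it says this parameter takes a list of strings, but apparently it does not.)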
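
Added example, not part of the original posts: a small Python check that evaluates the two intrinsics the second stack uses on SubnetIds (Ref to a parameter, and Fn::Split) and reports list-valued properties where several comma-separated IDs end up packed into a single element, which is what the bracketed VPCZoneIdentifier evaluates to. The template fragment and subnet IDs are constructed, and `resolve` and `packed_list_elements` are hypothetical helper names.

```python
import json

# Constructed fragment that mirrors the two subnet usages in the second stack.
TEMPLATE = json.loads("""
{
  "Resources": {
    "ElasticLoadBalancer": {
      "Type": "AWS::ElasticLoadBalancing::LoadBalancer",
      "Properties": {"Subnets": {"Fn::Split": [",", {"Ref": "SubnetIds"}]}}
    },
    "EcsInstanceAsg": {
      "Type": "AWS::AutoScaling::AutoScalingGroup",
      "Properties": {
        "VPCZoneIdentifier": [{"Ref": "SubnetIds"}],
        "LoadBalancerNames": [{"Ref": "ElasticLoadBalancer"}]
      }
    }
  }
}
""")
# Constructed parameter value: two made-up subnet IDs in one String parameter.
PARAMS = {"SubnetIds": "subnet-0aaa1111,subnet-0bbb2222"}


def resolve(node, params):
    """Evaluate only Ref-to-parameter and Fn::Split; leave everything else as is."""
    if isinstance(node, list):
        return [resolve(item, params) for item in node]
    if isinstance(node, dict) and len(node) == 1:
        if node.get("Ref") in params:
            return params[node["Ref"]]
        if "Fn::Split" in node:
            sep, source = node["Fn::Split"]
            return resolve(source, params).split(sep)
    return node


def packed_list_elements(template, params, sep=","):
    """List (resource, property, element) where one list element holds several IDs."""
    findings = []
    for name, resource in template["Resources"].items():
        for prop, raw in resource.get("Properties", {}).items():
            value = resolve(raw, params)
            if isinstance(value, list):
                findings += [(name, prop, v) for v in value
                             if isinstance(v, str) and sep in v]
    return findings
```

Run against the constructed fragment, the check reports only EcsInstanceAsg.VPCZoneIdentifier; both the bare `{ "Ref": "SubnetIds" }` form from the post above and the Fn::Split form already used for the ELB pass it.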

